Add ISO/ZIP acquisition pipeline (ams.acquire worker)

Closes the chain from a game file to a catalog entry: unpack an ISO/ZIP,
content-identify the engine DLL (CMC_ObjectsContainer marker in RTTI, so a
renamed file is still found), hash it (sha256 + md5 + optional ssdeep via
ppdeep), run Ghidra headless with the extractor, enrich and import the snapshot.

- unpack.py: bsdtar (ISO9660 + ZIP) with a pure-Python zipfile fallback
- identify.py: content-based engine-DLL picker + hashing
- ghidra.py: analyzeHeadless launcher discovery + post-script run
- pipeline.py: orchestration with injectable extract_fn; sink db|http|none
- cli.py: python -m ams.acquire (incl. --identify-only dry run)
- tests: 7 new (forged PE markers + stubbed extractor) -> 18/18

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

This commit is contained in:

Patryk Gensch

2026-05-31 12:11:56 +02:00

parent 4542763936

commit 6797ad5ddb

10 changed files with 774 additions and 0 deletions

									
										6

ams/acquire/__main__.py
									
										Normal file
									
												View File
												
				@@ -0,0 +1,6 @@

				import sys

				from .cli import main

				if __name__ == "__main__":

				    sys.exit(main())

Add ISO/ZIP acquisition pipeline (ams.acquire worker)

6 ams/acquire/__main__.py Normal file Unescape Escape View File

6

ams/acquire/main.py Normal file

View File